6

i have a id_rsa (private key which is used by me to authentication and encryption together with cert on yubikey piv smardcart provider on slot 9a) now i wish to use this key to create a pkcs12 keystore (private key + self signed cert) to sign jar files (android apk) via other slot on yubikey piv

i have created pkcs store this way:

$ openssl req -new -key id_rsa -out server.csr 
$ openssl x509 -req -days 3650 -in server.csr -signkey id_rsa -out server.crt
$ openssl pkcs12 -keypbe PBE-SHA1-3DES -certpbe PBE-SHA1-3DES -export -in server.crt -inkey id_rsa -out server.crt.p12 -name "Singnin cert"

and when i try upload those pkcs12 (or as separate key/cert) to slot 9c via :

Import the key and cert, do one of the below:

  • Import the key and cert (PEM format) in slot 9a:

      $ yubico-piv-tool -s 9a -a import-key -i key.pem
      $ yubico-piv-tool -s 9a -a import-certificate -i cert.pem
    
  • Import the key and cert (PKCS12 format) in slot 9a:

      $ yubico-piv-tool -s 9a -a import-key -a import-cert -i key.p12 -K PKCS12
    

i get error

Enter Password: 
Invalid public exponent for import (only 0x10001 supported)
Unable to import private key

ps. i use management key

i have tried convert id_rsa to to pkcs8 or remove pasphrase

could anyone explain me what is this error about ? i have google about this but with no luck

my idr_rsa

-----BEGIN RSA PRIVATE KEY-----
Proc-Type: 4,ENCRYPTED
DEK-Info: DES-EDE3-CBC,[some numbers I've cut]

YUBIKEY PIV certificate slots

A PIV-enabled YubiKey holds 4 distinct slots for certificates, as specified in the PIV standards document. Each of these slots is capable of holding an X.509 certificate, together with its accompanying private key. Technically these four slots are very similar, but they are used for different purposes.

Slot 9a: PIV Authentication This certificate and its associated private key is used to authenticate the card and the cardholder. This slot is used for things like system login. The end user PIN is required to perform any private key operations. Once the PIN has been provided successfully, multiple private key operations may be performed without additional cardholder consent.

Slot 9c: Digital Signature This certificate and its associated private key is used for digital signatures for the purpose of document signing, or signing files and executables. The end user PIN is required to perform any private key operations. The PIN must be submitted every time immediately before a sign operation, to ensure cardholder participation for every digital signature generated.

Slot 9d: Key Management This certificate and its associated private key is used for encryption for the purpose of confidentiality. This slot is used for things like encrypting e-mails or files. The end user PIN is required to perform any private key operations. Once the PIN has been provided successfully, multiple private key operations may be performed without additional cardholder consent.

Slot 9e: Card Authentication This certificate and its associated private key is used to support additional physical access applications, such as providing physical access to buildings via PIV-enabled door locks. The end user PIN is NOT required to perform private key operations for this slot.

i have read:

https://crypto.stackexchange.com/questions/3110/impacts-of-not-using-rsa-exponent-of-65537

https://crypto.stackexchange.com/questions/10809/openssl-rsa-how-many-public-exponents-are-possible

Should RSA public exponent be only in {3, 5, 17, 257 or 65537} due to security considerations?

https://stackoverflow.com/questions/10736382/what-does-e-is-65537-0x10001-mean

ps. i have dump txt via

$ openssl rsa -text -in id_rsa

and there is

publicExponent: 37 (0x25)

is there a way to change the public exponent to 0x10001? or do i have generate new key ;/ and all certificates from scratch ?

ps2.

i have dig out such a text about possibility but no further explanation

https://crypto.stackexchange.com/questions/30316/is-it-possible-to-correct-the-exponent-of-an-rsa-public-key-if-it-has-been-alter

ceph3us
  • 161
  • 1
  • 6

1 Answers1

3

(Crosspost of https://crypto.stackexchange.com/questions/33728/uploading-pkcs12-to-yubikey-piv-slot which is offtopic there.) It is theoretically possible to change the public exponent while keeping n as long as the new e is coprime to p-1 and q-1, and for F4 you have a good chance of this. But this is much more work than generating a new keypair, plus it does require regenerating the cert(s).

I'll guess you generated your RSA keypair with ssh-keygen from OpenSSH; that's the only common tool I know that chooses e=37, and it also defaults to filename id_rsa. The easy answer is to instead generate the keypair with OpenSSL which defaults e=65537 aka F4 (at commandline). Further, req can combine keypair generation with CSR creation, and unless you need to keep the CSR file can also skip the CSR and produce a selfsigned certificate directly by adding -x509:

openssl req -newkey RSA:bits -x509 -days 3650 -keyout privatekey -out server.crt
# proceed with PKCS12 conversion etc.

If you are planning to use this for SSH, note that OpenSSH can perfectly well use an RSA key with e=65537; it simply doesn't generate one.

dave_thompson_085
  • 9,759
  • 1
  • 24
  • 28
  • thanks for clearing it - i planed to use this key as CA key for signing, file encryption, login etc - "universal key" btw can i dump a private encrypted key from pkcs11? export a backup when key was generated on PIV ? – ceph3us Mar 16 '16 at 14:50